Last updated: June 2026
Privacy Policy
This Privacy Policy explains how Truer collects, processes, encrypts, retains, and purges personal data. This document is architected to fulfill transparency standards mandated by the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and general high-stakes data compliance frameworks.
1. Data Collected and Methods of Processing
Truer collects data across specific informational tiers. As verified by the payload criteria configuration, our infrastructure separates core identity verification from visible user profiles.
Category A: Identifiers
- Fields: First Name, Last Name, Full Name, Nicknames, Node ID.
- Source: User & Didit Payload.
- Purpose: Identity linking, account security, and basic profile creation.
Category B: Personal Records
- Fields: Date of Birth, Gender, Marital Status, Nationality, Parsed Address, Portrait Image.
- Source: Didit Verified Payload.
- Purpose: Structural demographic checks and cross-matching of physical identity.
Category C: Protected Classifications
- Fields: Age, Gender, Nationality.
- Source: Didit Verified Payload.
- Purpose: Functional network filtering and legal age-verification enforcement for 18+ access.
Category H: Geolocation Data
- Fields: City of Residence derived from Parsed Address.
- Source: User & Didit Payload.
- Purpose: Regional matching and localized interface population.
Category I: Biometric Metadata
- Fields: Front/back camera face-match scores and image quality scores.
- Source: Didit Automated Processing.
- Purpose: Truer does not ingest or store raw biometric maps. Our network stores only the numeric confirmation scores generated by Didit to verify identity alignment.
User-Generated Content
- Fields: Profile pictures, bio copy, dealbreaker definitions, and questionnaire prompt responses.
- Source: Direct user input.
- Purpose: Social profile discovery and compatibility logic.
2. Granular Privacy Controls: Ghost Mode Architecture
Truer features an integrated identity isolation protocol known as Ghost Mode. When activated by the user, our data distribution engine dynamically restricts public visibility. Profiles in Ghost Mode filter out all custom user-generated fields, exposing only the minimum verified structural parameters required to confirm network presence:
- First and last name, or confirmed nickname.
- Calculated age.
- City of residence.
- Stated height and relationship status.
All other records, direct free-form fields, and additional assets are completely locked and hidden from client-side network view.
3. Third-Party Data Intermediaries & Privacy Sovereignty
- Verification Intermediary: Identity scanning operations are securely executed by Didit. Didit retains the secure, raw document imagery under sovereign credentialing standards. Truer ingests only the processed text payload metadata, validation stamps, and face-match scores.
- Payment Tracking Intermediary: Financial transaction tracking, platform state updates, and entitlement verification are routed through RevenueCat. Truer does not store raw credit card numbers or banking passwords on its servers.
- Telemetry and Analytics Infrastructure: Truer completely rejects invasive surveillance trackers. In alignment with global privacy frameworks, we run lightweight, zero-tracking, or self-hosted telemetry environments that map critical platform errors and system performance without capturing unique PII, device fingerprints, or persistent client addresses.
4. The Right to Be Forgotten: Data Purge & Anti-Bot Fingerprinting
- The Purge Stream: Upon a user-initiated request to delete an account, Truer triggers a cascading database operation. All direct identifiers, text bios, answers, portrait pictures, and parsed location vectors are permanently unlinked and erased from live production databases.
- Anti-Bot Fraud Protection Limits: To prevent malicious bot distribution, recurring spam patterns, or bad actors from continuously looping through the network, Truer generates a non-reversible cryptographic hash signature of the verified identity metric upon deletion. This hash contains no human-readable or decryptable personal info. It acts strictly as a secure data firewall to recognize and automatically block previously banned or malicious entities attempting to exploit the identity gate.
- Backup Retainers: Residual data stored within system backups is strongly encrypted at rest and naturally overwritten on a strict automated system schedule.
5. Your California Privacy Rights
California residents possess the explicit legal right to:
- Know: Request disclosure of what personal information we collect, use, and disclose.
- Delete: Request the permanent removal of collected personal information.
- Correct: Request modification of inaccurate personal data records.
- Opt-Out: Opt out of any future sale or sharing of personal data. Truer explicitly states that it never sells, rents, or shares user profile info or verification metadata to third-party ad brokers.
Privacy requests
To execute consumer privacy requests, navigate directly to your settings console or contact the privacy compliance queue at privacy@gettruer.com.